Before I share it, let me explain the reason for doing so in the first place. Instead of providing myriad tips on how to protect your sensitive data, there's only one that works. Don't Type ANYTHING you want to keep private into a box on ANY website.
“We want to remind shoppers that there are ways to protect themselves,” said Lisa H. Robinson, senior vice president, Wells Fargo Internet Services Group. Editor's Note: Yes there are. But you won't find a bullet-proof solution from the recommendations below. I'm not singling out Wells Fargo. I'm talking Username: Password: here...
“Traditionally, the day after Thanksgiving is one of the busiest shopping days of the year and marks the kick-off of the holiday season.” Customers braving the crowds to shop over the Thanksgiving holiday should remember these tips before heading out the door:
- Take the paperless route with online banking: The 2009 Identity Fraud Survey Report from Javelin Strategy & Research shows that some thieves still do it the old-fashioned way—by stealing bank or credit card statements from the mailbox. Reduce your risk of stolen mail by picking up mail promptly and switching to online statements.
- Monitor your activity: Financial institutions such as Wells Fargo use sophisticated systems to track purchasing and transaction habits so irregularities can be flagged. Register for email or mobile alerts so you can stay informed.
- Protect your computer from malware: Crooks are getting smarter with phishing and malware scams. Make sure your computer has the most up to date virus prevention and don’t download any attachment or plug-in without ensuring it is from an authorized site. When making purchases, be sure the website address starts with “https://...” The “s” helps ensure that your information will be passed along in a secure manner.
Well that's easier said than done. Based on recent reports that "50% of American's don't even know what phishing is" telling them to protect their computer from malware, which, by the way, should be named Mal-every-ware...because it is...is a tall order. Especially since some online banking trojans, such as Zeus, evade detection from even the most up-to-date anti-virus programs. Why not simply "ELIMINATE" the threat of Phishing ENTIRELY. Swipe, Encrypt, Transmit and there's nothing to phish phor.
Oh...and that last part about Https? It should be htt"bs" because SSL is flawed...(see related articles below) (or Google SSL Flawed) - Don’t believe in offers that seem to good to be true* No one wants to be cynical during the holidays, but if something seems too good to be true, it probably is. Watch out for email scams or suspicious messages and report any that may pose to be from your financial institution and report those that try to look like your financial institution to your bank or credit card company.
*Unless you see one that says: Open an online banking account with Wells Fargo and we'll provide you with a FREE HomeATM PCI 2.x Certified PIN Pad so you can sign on to your online banking session the same trusted way you access cash at an ATM...cause I guarantee the bad guys wouldn't want to send you something that will hurt their ability to steal your hard-earned money. - Be careful what you share: Unless you initiated the interaction, do not provide sensitive financial information over the Internet or phone, including Social Security numbers, passwords, personal identification numbers (PINs) or account numbers.
- Editor's Note: That's weird. In order to open a Wells Fargo online banking account you have to "TYPE IN" your "sensitive financial information" into a browser. (including your Social Security number AND your Card Number) See Screen Shot below of Wells Fargo online banking log-in page. To be fair, they did say "unless you "initiate" the interaction...although hundreds of security experts would disagree. What if it was a phishing attack that incorporated a cloned website? What if your PC had an online banking trojan. Here's my holiday tip. Never Type...anything sensitive into the browser space.
- Editor's Note: OR...simply tell your bank that you want a PCI 2.x Certified PIN Entry Device so YOU can Swipe your card information instead of the bad guys doing it. Sure it will cost your bank money, but it will save them more. Unlike the hundreds of "useless banking promotions" you see now and which cost the bank more than what giving away our device would. So tell your bank to "bite the bullet" and provide a "bullet proof" solution for online banking security. Call it HAAS. (Hardware As A Service)
- Editor's Note: OR...simply tell your bank that you want a PCI 2.x Certified PIN Entry Device so YOU can Swipe your card information instead of the bad guys doing it. Sure it will cost your bank money, but it will save them more. Unlike the hundreds of "useless banking promotions" you see now and which cost the bank more than what giving away our device would. So tell your bank to "bite the bullet" and provide a "bullet proof" solution for online banking security. Call it HAAS. (Hardware As A Service)
“Education and awareness are important tools to make sure this really is the most festive time of the year,” said Teddy De Rivera, executive vice president, Wells Fargo Internet Services Group. “Whether customers are shopping online or off, keep the following steps in mind to make sure accounts stay problem-free.”
- Check your list twice: Review your account activity regularly, especially during big shopping trips. Enroll in mobile banking to check your balance and transactions while on the go, or check your purchase activity online as soon as you get home. Sign up for transaction alerts on your debit or credit card which will notify you of transactions over your threshold.
- Be aware of your surroundings: Cover the pin pad when you enter your pin number. Do not repeat sensitive financial information where it could be overheard.
- Ensure you're protected in case of loss or theft: Wells Fargo guarantees that its customers will be covered for 100% of the funds in their Wells Fargo account in the unlikely event that someone you haven’t authorized removes those funds through Wells Fargo Online® or Wells Fargo Business Online®. Customers are responsible for protecting their password and account information and for providing prompt notification of an unauthorized transaction. Customers can visit https://www.wellsfargo.com/privacy_security/online/guarantee for how the guarantee works.
- Ensure your cards are covered: Wells Fargo cardholders are also protected by the built-in WellsProtect® program, which provides zero liability if a card is ever used without the customer’s permission when promptly reported.
- Know your credit report: Review your credit report at least once a year, looking for suspicious or unauthorized transactions. You can get a free credit report once a year from each of the three major credit bureaus at the AnnualCreditReport web site.
Wells Fargo maintains multiple layers of security to protect customers, their accounts and their information. Wells Fargo's layered approach to online security extends beyond a unique username and password, 128-bit encryption for online banking, bill pay, a powerful firewall, technology updates, and continuous surveillance. Wells Fargo uses a combination of front-end and back-end controls (https://www.wellsfargo.com/privacy_security/online/protect), and continuously evolves its security activities in response to the changing environment as well as customer needs.
About Wells Fargo & Company
Wells Fargo & Company is a diversified financial services company with $1.2 trillion in assets, providing banking, insurance, investments, mortgage and consumer finance through more than 10,000 stores and 12,000 ATMs and the Internet (wellsfargo.com) across North America and internationally.